{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T19:37:43.956","vulnerabilities":[{"cve":{"id":"CVE-2019-4732","sourceIdentifier":"psirt@us.ibm.com","published":"2020-02-03T17:15:14.627","lastModified":"2024-11-21T04:44:04.300","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618."},{"lang":"es","value":"IBM SDK, Java Technology Edition Versión versiones 7.0.0.0 hasta 7.0.10.55, versiones 7.1.0.0 hasta 7.1.4.55 y versiones 8.0.0.0 hasta 8.0.6.0, podrían permitir a un atacante autenticado local ejecutar código arbitrario en el sistema, causado por una vulnerabilidad de secuestro del orden de búsqueda de DLL en el cliente de Microsoft Windows. Mediante la colocación de un archivo especialmente diseñado en una carpeta comprometida, un atacante podría explotar esta vulnerabilidad para ejecutar código arbitrario en el sistema. ID de IBM X-Force: 172618."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.6,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.6,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-426"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sdk:*:*:*:*:java_technology:*:*:*","versionStartIncluding":"7.0.0.0","versionEndIncluding":"7.0.10.55","matchCriteriaId":"8744D28C-4CBA-4777-89DC-8BBE1AD327A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sdk:*:*:*:*:java_technology:*:*:*","versionStartIncluding":"7.1.0.0","versionEndIncluding":"7.1.4.55","matchCriteriaId":"8D4B39C8-9D08-41A6-9173-75FB13F597CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:sdk:*:*:*:*:java_technology:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.0.6.0","matchCriteriaId":"05936C33-90D9-46B5-B5F5-52CC13595ABA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*","matchCriteriaId":"B0905C80-A1BA-49CD-90CA-9270ECC3940C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*","matchCriteriaId":"07EBB48B-4EE2-4333-851E-BA1B104FBE92"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*","matchCriteriaId":"E30E8CE2-9137-4669-AE86-FB8ED0899736"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*","matchCriteriaId":"C4F6F77C-2C0D-4A31-B2A0-DB1C4296FF5E"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/172618","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/1288060","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/172618","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/1288060","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}